Troubleshooting: Browser cookies not being set to expire
When WebSphere Commerce tries to delete a cookie, it sets the cookie expiry date to one that is in the past. An issue will occur if the date set is misinterpreted by the browser as one in the future, rather than the past. This misinterpretation leads to the cookie not being erased.
Problem
When WebSphere Commerce tries to delete a cookie, it sets the expiry date to one that is in the
past. For example,
header : Set-Cookie: WC_USERACTIVITY_-1002=DEL; Expires=Thu, 01-Dec-94 16:00:00 GMT; Path=/
An
issue will occur if this two-digit year value is misinterpreted by the browser as one in the future,
rather than the past. In this example, instead of interpreting the year value 94
as 1994, the browser interprets it as 2094. This
misinterpretation leads to the cookie not being erased.Solution
To configure WebSphere Application Server to use a four-digit year value for cookie expiration:
- Apply WebSphere Application Server Version 7 Fix pack 33 or above (7.0.0.33+).
- Configure the HTTP transport channel custom properties, setting v0CookieDateRFC1123compat to true.